December 9

WEBINAR TAKEAWAY: When the Bad Guys Hide in Plain Sight: Hacking Platforms You Know and Trust

0  comments

file

MY KEY TAKEAWAYS

  • already 20 years ago, Kevin Mitnick testified before US Senate and highlighted social engineering and the need for training. Still today changing human behaviour is most times the weakest point.
  • threat actors have almost unlimited time to do extensive research before an attack, so they are extremly good at buidling the trust factor
  • Kevin recommends: trust your gut! If it sounds too good to be true, it possibly is.
  • A crafty attacker tries to push the victim into system 1 thinking. To force yourself to remain in system 2, is a very effective defense mechanism against social engineering.
  • While Trump was in hospital with COVID19, it created an information vaccum = working phish bait
  • Common phishing tactic: link to trusted sources like Google Docs or O365. Document might contain hyperlink to malware.
  • Having a good and tested(!) desaster recovery plan is cruicial with more and more ransomware attacks

Demo time

ENV


Tags

awareness training, phishing, social engineering


You may also like

Boosting Cybersecurity in German SMEs with Gamification and Serious Play

Boosting Cybersecurity in German SMEs with Gamification and Serious Play

Ethical considerations in phishing tests: to inform employees or not?

Ethical considerations in phishing tests: to inform employees or not?
Leave a Reply

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit markiert.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}